Elon Musk’s clumsy brand shift from Twitter to X caused a potentially big problem this week when the social network started automatically changing “twitter.com” to “x.com” in links.
It was a phishing risk because scammers could register a domain name like “netflitwitter.com,” which would appear as “netflix.com” in posts on X, but clicking the link would take a user to netflitwitter.com.
Even if the change had been implemented smoothly, auto-replacing “twitter.com” with “x.com” doesn’t do much to help Musk cement his branding shift because x.com still redirects to twitter.com.
Please be aware that there is a potential for this feature to be exploited in the future, by acquiring domains containing “twitter.com” to lead users to malicious pages.
Krebs quoted Sean McNee, VP of research and data at DomainTools, as saying that “bad actors could register domains as a way to divert traffic from legitimate sites or brands given the opportunity—many such brands in the top million domains end in x, such as webex, hbomax, xerox, xbox, and more.”
Today, when we emailed X’s media contact address, press@x.com, we got the standard “busy now, please check back later” auto-reply.
The original article contains 644 words, the summary contains 188 words. Saved 71%. I’m a bot and I’m open source!
This is the best summary I could come up with:
Elon Musk’s clumsy brand shift from Twitter to X caused a potentially big problem this week when the social network started automatically changing “twitter.com” to “x.com” in links.
It was a phishing risk because scammers could register a domain name like “netflitwitter.com,” which would appear as “netflix.com” in posts on X, but clicking the link would take a user to netflitwitter.com.
Even if the change had been implemented smoothly, auto-replacing “twitter.com” with “x.com” doesn’t do much to help Musk cement his branding shift because x.com still redirects to twitter.com.
Please be aware that there is a potential for this feature to be exploited in the future, by acquiring domains containing “twitter.com” to lead users to malicious pages.
Krebs quoted Sean McNee, VP of research and data at DomainTools, as saying that “bad actors could register domains as a way to divert traffic from legitimate sites or brands given the opportunity—many such brands in the top million domains end in x, such as webex, hbomax, xerox, xbox, and more.”
Today, when we emailed X’s media contact address, press@x.com, we got the standard “busy now, please check back later” auto-reply.
The original article contains 644 words, the summary contains 188 words. Saved 71%. I’m a bot and I’m open source!